This bug was fixed in the package linux - 5.4.0-204.224
---------------
linux (5.4.0-204.224) focal; urgency=medium
* focal/linux: 5.4.0-204.224 -proposed tracker (LP: #2091090)
* CVE-2024-50264
- vsock/virtio: Initialization of the dangling pointer occurring in
vsk->trans
* CVE-2024-53057
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
* CVE-2024-49967
- ext4: no need to continue when the number of entries is 1
* CVE-2024-43892
- memcg: protect concurrent access to mem_cgroup_idr
* CVE-2024-38553
- net: fec: remove .ndo_poll_controller to avoid deadlocks
* CVE-2024-38597
- eth: sungem: remove .ndo_poll_controller to avoid deadlocks
* CVE-2023-52821
- drm/panel: fix a possible null pointer dereference
* CVE-2024-36952
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean
up
* CVE-2024-40910
- ax25: Fix refcount imbalance on inbound connections
* CVE-2024-35963
- Bluetooth: hci_sock: Fix not validating setsockopt user input
* CVE-2024-35965
- Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
- Bluetooth: L2CAP: Fix not validating setsockopt user input
* CVE-2024-35966
- Bluetooth: RFCOMM: Fix not validating setsockopt user input
* CVE-2024-35967
- Bluetooth: SCO: Fix not validating setsockopt user input
* CVE-2021-47101
- net: asix: fix uninit value bugs
- asix: fix wrong return value in asix_check_host_enable()
- asix: fix uninit-value in asix_mdio_read()
* CVE-2022-38096
- drm/vmwgfx: Fix possible null pointer derefence with invalid contexts
* CVE-2021-47001
- xprtrdma: Fix cwnd update ordering
-- Manuel Diewald <[email protected]> Thu, 05 Dec 2024
12:35:34 +0100
** Changed in: linux (Ubuntu Focal)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-47001
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-47101
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-38096
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52821
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35963
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35965
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35966
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35967
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36952
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-38553
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-38597
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-40910
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-43892
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49967
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50264
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53057
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2091090
Title:
focal/linux: 5.4.0-204.224 -proposed tracker
Status in canonical-signing-jobs task00 series:
Fix Released
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow abi-testing series:
Fix Released
Status in Kernel SRU Workflow automated-testing series:
Invalid
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow kernel-signoff series:
Fix Released
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
In Progress
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux source package in Focal:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
built:
from: ac33af8125f75d28
route-entry: 2
comments:
abi-testing: 1
delta:
promote-to-proposed: []
promote-to-updates: [lrm, lrs, main, meta, signed]
flag:
boot-testing-requested: true
bugs-spammed: true
proposed-announcement-sent: true
proposed-testing-requested: true
stream-from-cycle: true
flavours:
linux-image-extra-virtual: [amd64, arm64, ppc64el, s390x]
linux-image-extra-virtual-hwe-18.04: [amd64, arm64, ppc64el, s390x]
linux-image-extra-virtual-hwe-18.04-edge: [amd64, arm64, ppc64el,
s390x]
linux-image-generic: [amd64, arm64, armhf, ppc64el, s390x]
linux-image-generic-hwe-18.04: [amd64, arm64, armhf, ppc64el, s390x]
linux-image-generic-hwe-18.04-edge: [amd64, arm64, armhf, ppc64el,
s390x]
linux-image-generic-lpae: [armhf]
linux-image-generic-lpae-hwe-18.04: [armhf]
linux-image-generic-lpae-hwe-18.04-edge: [armhf]
linux-image-lowlatency: [amd64]
linux-image-lowlatency-hwe-18.04: [amd64]
linux-image-lowlatency-hwe-18.04-edge: [amd64]
linux-image-oem: [amd64]
linux-image-oem-osp1: [amd64]
linux-image-virtual: [amd64, arm64, ppc64el, s390x]
linux-image-virtual-hwe-18.04: [amd64, arm64, ppc64el, s390x]
linux-image-virtual-hwe-18.04-edge: [amd64, arm64, ppc64el, s390x]
issue: KSRU-14948
packages:
generate: linux-generate
lrg: linux-restricted-generate
lrm: linux-restricted-modules
lrs: linux-restricted-signatures
main: linux
meta: linux-meta
signed: linux-signed
phase: Promote to Updates
phase-changed: Monday, 16. December 2024 12:50 UTC
reason:
promote-to-updates: Ongoing -- packages not yet published
synthetic:
:promote-to-as-proposed: Invalid
testing:
verification-bugs: ['2091090']
trackers:
bionic/linux-hwe-5.4: bug 2090086
focal/linux-aws: bug 2090037
focal/linux-azure: bug 2090041
focal/linux-bluefield: bug 2090042
focal/linux-fips: bug 2090061
focal/linux-gcp: bug 2090064
focal/linux-ibm: bug 2090070
focal/linux-kvm: bug 2090076
focal/linux-oracle: bug 2090081
focal/linux-raspi: bug 2090051
focal/linux-xilinx-zynqmp: bug 2090085
variant: debs
versions:
lrm: 5.4.0-204.224+1
main: 5.4.0-204.224
meta: 5.4.0.204.200
signed: 5.4.0-204.224
versions-replace:
lrm: [5.4.0-204.224]
~~:
clamps:
new-review: ac33af8125f75d28
promote-to-proposed: ac33af8125f75d28
self: 5.4.0-204.224
sru-review: ac33af8125f75d28
tracker:
last-message: '2024-12-16 12:50:16.094119+00:00'
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2091090/+subscriptions
--
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to : [email protected]
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help : https://help.launchpad.net/ListHelp
